Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
628
Views
0
Helpful
7
Replies

non-cisco switch sending BDPU - blocks cisco port

Steven.Cools
Level 1
Level 1

‎10-08-2019 03:42 AM

hey, not a cisco/networking expert, hence the question;-) when connecting a non cisco PoE switch (digitus) to one of our cisco ports, the ports goes to errdisabled mode. (so this means the digitus sends out bdpu's and the loopguard reacts beacause the port is in portfast right?). so in this way we cannot use the switch. in what why can we actually use it (drop the portfast command on the cisco port? - or is that 'dangerous?)

 

thx for some pointers and feedback!

 

here's some elevant information (i guess):

spanning-tree mode mst

spanning-tree loopguard default

spanning-tree portfast bpduguard default

spanning-tree extend system-id spanning-tree pathcost method long

!

spanning-tree mst configuration

name ILVO-MST

revision 1

!

spanning-tree mst max-hops 40

 

interface FastEthernet0/1

switchport access vlan 246

switchport mode access

switchport voice vlan 146

storm-control broadcast level pps 1k 500

storm-control action shutdown

storm-control action trap spanning-tree portfast

Labels:
0 Helpful
7 Replies 7

luis_cordova
VIP Alumni
VIP Alumni

‎10-08-2019 04:09 AM

Hi @Steven.Cools 

 

Try removing this parameter:

 

spanning-tree portfast bpduguard default

 

Then you can enable bpduguard on the access ports.
In addition, the taged must be done in the access ports of the non-Cisco switch, leaving the ports that connect both switches in trunk mode.

Regards

0 Helpful

Steven.Cools
Level 1
Level 1
In response to luis_cordova

‎10-08-2019 04:49 AM

hey @luis_cordova, thx for the reply... the non-cisco switch is a non-managed switch so there's no trunk/tagging settings there. hence the connection on an access port. if removing the 'spanning-tree portfast bpduguard default' command i have to enable it again per port. is there no way to disable it per port and leaving the general setting? so i can just disable it on the port where the switch will be connected?
0 Helpful

luis_cordova
VIP Alumni
VIP Alumni
In response to Steven.Cools

‎10-08-2019 05:46 AM

Hi @Steven.Cools 

 

You can occupy the range to configure the bpduguard in the other interfaces

 

interface range FastEthernet0/2-24

spanning-tree portfast bpduguard

 

Regards

0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni

‎10-08-2019 06:13 AM

Hi,

As you enabled the BPDUGUARD default on the switch global configuration mode means it is enabled on all ports. Here, you have to disable this command and can enable the same within each interface (range interface command) configuration except the port where the non-manageable switch is connected.

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

paul driver
VIP
VIP

‎10-08-2019 07:00 AM

Hello

You mention that your adding a non cisco switch to a cisco switch in stp mst domain?

Then the question is that non -cisco switch also running  stp and what node is it running.


if you wish to trunk the non-cisco switch then you could open yourself stp issues especially when your running MST st
Assuming  stp root is within your cisco mst domain then it also needs to be the the cist root for that non-Cisco switch

What are your expectation of this non switch switch?, do you just want it to run a single vlan if so you dont need to trunk the interconnection as the port connecting the non switch switch can be in in an administrative mode of access if you wish to run just the switch a a host switch in a single vlan


int x/x
description non-cisco switch
switchport mode access
swithcport access vlan x
spanning-tree guard root
spanning-tree bpdufilter enable


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Steven.Cools
Level 1
Level 1
In response to paul driver

‎10-08-2019 07:15 AM

hey @paul driver, i don't think the non-cisco switch is mst capable, also there's no management console or anything so no interface and thus no trunking settings etc... a simple switch thus. so i'd just like to use it as a simple switch for the vlan defined on the cisco access port. now in your config you specify the command "spanning-tree bpdufilter enable" but i thought that was exactly what was causing this behaviour of putting the port in errdiabled. so given the other replies above, i'd have to disable the default bdpu guard command on the switch level, and apply it again on all individual ports except for the one connecting to the non-cisco right? thx! S.
0 Helpful

paul driver
VIP
VIP
In response to Steven.Cools

‎10-08-2019 07:38 AM - edited ‎10-08-2019 07:52 AM

Hello

@Steven.Cools wrote:
 so given the other replies above, i'd have to disable the default bdpu guard command on the switch level, and apply it again on all individual ports except for the one connecting to the non-cisco right? thx! S.

No you can keep bpduguard enabled at a global level as any interface specific commands will take precedence over global ones, so you should be fine.

Bpdufilter applied at an interface level will just do that and filter any incoming bpdu's on the port thus you'll obtain a connection state between the two switches


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card